Chris Buechler wrote:

>On Thu, 14 Oct 2004 07:24:48 -0400, Christopher M. Iarocci
><iarocci at eastendsc dot com> wrote:
>  
>
>>Thanks for the info.  I do not have any duplicate SA's, and yes, it does
>>happen to all tunnels, not just the one to the Cisco.  I will check the
>>timeouts today for mismatches and see if that helps.
>>
>>    
>>
I've checked all the settings on both ends, and nothing is wrong with 
any of them (no mismatches).  I am connecting to 2 Cisco routers now, 
and both are experiencing the same problem.

>Also might want to try disabling prefer newer, and see if it still
>happens, per the instructions from Fred Wright in the thread I
>mentioned earlier, and report back.
>  
>
Could you elaborate?  I don't see such a setting on my m0n0wall.

>That's about all I know about this, but if you can report back with
>more details, Fred will probably jump in the thread, and he's the one
>that wrote the IPsec kernel patch in this new beta, so he really knows
>what he's talking about.  moreso than I do.  :)
>  
>
That would be great if he jumped in.  I could supply logs if he wishes.  
My internet connection bounces like a yo-yo, so this is a constant 
problem with this beta version.  I dropped back to version 1.1 and the 
problem is gone.  There certainly is some sort of problem introduced in 
the newest beta.  I do realize this is a beta, and I'd like to help in 
any way possible to resolve the problem.

Chris